Saturday, September 23, 2006

Default Admin Passwords and Hacking ATM's

Peter Bromberg's UnBlog - Security WHAT? 75,000250,000 Hackable ATM's- and the manuals are ONLINE

"I just had to laugh at how incredibly stupid people can be after reading this Wired story about how some schmuck got the "Administrator" Keypad password (which you can get right out of the PDF manual, which you can search for, find, and download online -- and that's not the only ATM model you can do this with).

The password basically allows you to reconfigure the machine to think it is holding $5 bills instead of twenties and dispense four times the amount of money you ask for ..."

Sometimes I get bugged by systems/applications/web sites that require me to enter strong passwords or to choose a strong password on first use.

But there's a method to their madness. Some (some?) people seem to be pretty lazy, (err... um... I mean... very thrifty with their upfront time... um... yeah...) the above post helping prove that point.

If it's to hard to use a system, then don't. If you have to use it, understand its operation. And RTFM!

As a software developer, this is as much a "Note to Self" as a rant...  ;)

Posted 9/23/2006 09:41:00 AM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)